PCI 

What is PCI Compliance?

Who needs to follow PCI DDS?

Why is it important?

What can you do?

What are some misconceptions on security?

Payment Card Industry Data Security Standard

PCI DSS is a set of comprehensive requirements for enhancing payment account data security. These requirements were developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.

This security standard includes requirements for security management, policies, procedures, network architecture, software design and critical protective measures. PCI DSS is intended to help organizations proactively protect customer account data.

Everybody

PCI DSS affects anyone who actively handles payment card information such as card number, CVV2/CVC2/CID, cardholder's name, Expiration date, full magnetic stripe data, PIN data, and etc. Payment card processors, banks, cardholders, merchant service providers, and merchants are few examples of those affected by PCI DSS.

In other words, MERCHANTS who accept payment cards as payment must comply with PCI DSS.

Mandated by PCI Security Standards Council to protect sensitive information

  • Protection from security breaches internally

  • Protection from attacks by hackers/intruders

  • Liability for non compliance

    • Financial liability

      • Fines/penalties imposed by card associations

      • Fees assessed by processing companies

      • Fraud

      • Chargeback

    • Legal liability

      • Civil lawsuits

      • Criminal lawsuits

Many organizations believe that security breaches will never happen to them or that they have "enough" security

The truth is that there is no such thing as 100% security. As technology evolves, so do hackers. Staying in front of these threats is the only way to help prevent breaches in the future.

  • Even those who had PCI Certification and met the 12 requirements on minimum security level were breached by hackers.

  • The purpose of PCI DSS is not to prevent security breaches, but to make organizations aware of these threats and help them be proactive in protecting customer account data.

or Compliance Service ($35 / Year)

fill out & Sign this form and send to us

Instead of being reactive to breaches, become proactive to prevent these breaches occurring in the first place. Doing research about PCI can help significantly in finding ways to protect customer information.

Big or small, all organizations must realize the importance of security and the goal of PCI DSS in the payment card industry.

Take the first step: PCI Compliance - http://www.ezpcisaq.com